I'll Let Myself In: Kubernetes Privilege Escalation Tactics
A selection of escalation and persistence tactics in Kubernetes, presented at Kubecon EU 2024
Talks
Container Security Workshop
Introduction to Docker and Kubernetes security, presented at Securi-Tay 2024
Container Security Workshop
Introduction to Docker and Kubernetes security, presented at Steelcon 2023
RCE-As-A-Service: Lessons Learned from 5 Years of Real World CI/CD Pipeline Compromise
A summary of frequently observed CI/CD attacks. Presented at Blackhat USA 2022.
I'm In Your Pipes, Stealing Your Secrets
Discussions of CI/CD pipeline breakout techniques. Presented at Securi-Tay 2022.